Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: Rfggw6NCaehHJcw8w8LNyJ8BP6zGC23EpVcltkgNhgg=
Subject key identifier: 7C:D7:91:2E:FD:0D:47:C1:AB:2A:37:EB:0B:B6:72:4C:44:C3:7E:7C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4330D9E105DD6F0CA28C7C18A850E184D45A7F13
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
Signing time: Fri 22 Aug 2025 14:47:13 +0000
ROA not before: Fri 22 Aug 2025 14:42:13 +0000
ROA not after: Fri 21 Aug 2026 14:47:13 +0000
asID: 58212
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:30:d9:e1:05:dd:6f:0c:a2:8c:7c:18:a8:50:e1:84:d4:5a:7f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:13 2025 GMT
Not After : Aug 21 14:47:13 2026 GMT
Subject: CN=7CD7912EFD0D47C1AB2A37EB0BB6724C44C37E7C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d5:22:e5:1d:8f:c8:49:b7:a2:17:da:a9:9d:
86:b7:eb:25:9d:80:ed:09:19:9d:81:b0:ea:af:39:
64:63:7b:4b:cf:40:95:84:96:5f:84:fe:09:f0:68:
a0:22:9a:80:93:87:01:59:26:de:57:b5:82:3e:42:
e6:07:89:92:fe:65:24:69:55:89:73:38:cd:1e:9b:
3d:f1:fe:f0:d0:29:e1:f9:96:5a:71:1e:65:61:4a:
3b:f3:db:39:33:38:3d:3e:13:3e:ad:b5:11:e5:1c:
e1:ab:f2:b4:25:d7:5c:31:b1:7d:b9:e5:e1:67:d2:
75:8e:7f:b0:61:b1:51:cb:fb:47:ba:7c:8f:51:af:
69:51:70:cb:0d:e4:f9:bc:f7:b2:74:56:15:f5:23:
ad:e4:b3:75:b7:b9:d0:d5:48:26:f3:7f:a7:d2:73:
eb:97:07:90:0e:09:32:88:19:1b:e9:9b:a5:5b:22:
e7:cf:fd:fb:74:2e:e8:46:ef:c9:5b:d3:5a:e6:70:
58:1a:bd:46:c0:ca:a3:bc:00:ca:07:b1:bf:fd:15:
38:08:3f:a8:fb:35:4d:bd:0f:dc:a4:5f:24:63:ac:
7c:c4:a1:1b:87:14:d2:00:2e:35:74:19:6d:c1:d6:
e5:48:eb:86:95:c7:9a:69:f0:90:5f:47:df:ff:2f:
56:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D7:91:2E:FD:0D:47:C1:AB:2A:37:EB:0B:B6:72:4C:44:C3:7E:7C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:90:46:ea:bd:3b:b3:01:f4:b3:f9:02:61:ff:9d:cb:a9:b9:
fe:e9:6a:2a:35:5e:8a:40:88:ea:63:97:34:11:47:88:5c:13:
3f:f8:8f:a8:00:2e:8c:8d:d0:63:ea:8d:86:40:12:04:91:cc:
40:f4:0f:c0:b8:46:e2:d8:89:c3:e7:c2:d2:64:df:c5:9b:0b:
dc:e3:55:a1:3c:e8:ef:8d:73:a0:e1:38:ba:fd:47:93:15:c9:
3f:af:ea:96:4a:ea:34:0f:29:21:3f:27:46:7f:8c:65:d9:6d:
49:91:1f:ee:23:ec:8c:b0:74:31:af:c9:88:1f:63:72:03:37:
1e:fe:ff:8d:de:13:8b:c3:02:df:72:6f:48:f5:39:09:4d:02:
41:5c:62:ef:25:42:f2:50:ed:77:0c:57:73:68:f5:1c:59:30:
b0:46:f6:30:ab:d0:a4:97:60:9b:5e:c7:ea:67:46:bc:20:00:
6f:00:01:29:d4:40:1d:6c:e3:5e:a0:a2:6f:fb:1c:12:e7:fa:
36:71:aa:5b:c0:df:49:ef:bf:49:e4:8f:24:a8:05:58:0e:04:
a8:3d:72:39:2a:98:03:eb:12:76:35:48:a9:d4:1c:16:b5:fb:
3f:a6:8f:d9:7c:a3:65:a1:5b:7f:2c:57:96:31:e1:e3:b2:4e:
fa:c2:67:e3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQzDZ4QXdbwyijHwYqFDhhNRafxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTNaFw0yNjA4MjExNDQ3MTNaMDMxMTAvBgNV
BAMTKDdDRDc5MTJFRkQwRDQ3QzFBQjJBMzdFQjBCQjY3MjRDNDRDMzdFN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH1SLlHY/ISbeiF9qpnYa36yWd
gO0JGZ2BsOqvOWRje0vPQJWEll+E/gnwaKAimoCThwFZJt5XtYI+QuYHiZL+ZSRp
VYlzOM0emz3x/vDQKeH5llpxHmVhSjvz2zkzOD0+Ez6ttRHlHOGr8rQl11wxsX25
5eFn0nWOf7BhsVHL+0e6fI9Rr2lRcMsN5Pm897J0VhX1I63ks3W3udDVSCbzf6fS
c+uXB5AOCTKIGRvpm6VbIufP/ft0LuhG78lb01rmcFgavUbAyqO8AMoHsb/9FTgI
P6j7NU29D9ykXyRjrHzEoRuHFNIALjV0GW3B1uVI64aVx5pp8JBfR9//L1Z5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfNeRLv0NR8GrKjfrC7ZyTETDfnwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBAI6QRuq9O7MB9LP5AmH/ncupuf7paio1
XopAiOpjlzQRR4hcEz/4j6gALoyN0GPqjYZAEgSRzED0D8C4RuLYicPnwtJk38Wb
C9zjVaE86O+Nc6DhOLr9R5MVyT+v6pZK6jQPKSE/J0Z/jGXZbUmRH+4j7IywdDGv
yYgfY3IDNx7+/43eE4vDAt9yb0j1OQlNAkFcYu8lQvJQ7XcMV3No9RxZMLBG9jCr
0KSXYJtex+pnRrwgAG8AASnUQB1s416gom/7HBLn+jZxqlvA30nvv0nkjySoBVgO
BKg9cjkqmAPrEnY1SKnUHBa1+z+mj9l8o2WhW38sV5Yx4eOyTvrCZ+M=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:47:43 2025 by rpki-client